Neemobeer Cloud Security Engineer Staff member Sep 23, 2021 #2 Create two GPOs one set to deny read and write for removable media. Create a second GPO that applies after the deny all that is targeted to a AD group and make sure the GPO settings are User config and not computer config.
Create two GPOs one set to deny read and write for removable media. Create a second GPO that applies after the deny all that is targeted to a AD group and make sure the GPO settings are User config and not computer config.
ussnorway Windows Forum Team Staff member Premium Supporter Sep 23, 2021 #3 if we assume these users are remote then yes but a local user can just bypass the GPO if they can actually use the port itself
if we assume these users are remote then yes but a local user can just bypass the GPO if they can actually use the port itself